<?php
/**
 * vanephp web framework
 * RBAC用户模型类
 *
 * @author aray <ofree@qq.com>
 * @link http://www.vanephp.com/s
 * @copyright Copyright &copy; 2010 aray
 * @license http://www.vanephp.com/license
 * @package rbac
 */

if ( ! defined ( 'INVANE' ) )
	exit ( '!' );

vane::load ( 'vane_db_tableSupport' );

define ( 'ENCRYPT_MD5', 'md5' );
define ( 'ENCRYPT_SHA1', 'sha1' );
define ( 'ENCRYPT_CRYPT', 'crypt' );

/**
 * RBAC用户模型类
 * @author aray
 *
 */
class vane_rbac_user extends vane_db_tableSupport {
	/**
	 * 安全密钥
	 * @var string
	 */
	protected $securityCode = 'vane';
	/**
	 * 用户名字段列名
	 * @var string
	 */
	protected $usernameField = 'username';
	/**
	 * 密码字段列名
	 * @var string
	 */
	protected $passwordField = 'password';
	/**
	 * 加密方式
	 * @var string [ENCRYPT_MD5 | ENCRYPT_SHA1 | ENCRYPT_CRYPT]
	 */
	protected $encryptMethod = ENCRYPT_SHA1;
	
	protected $role_id = 'roleid';
	
	/**
	 * 编译密码
	 * @param string $password		密码（原文）
	 */
	public function compliePassword ( $password ) {
		//		$password .= sha1 ( $this->securityCode );
		$encryptedPassword = $password;
		switch ( $this->encryptMethod ) {
			case ENCRYPT_MD5 :
				$encryptedPassword = md5 ( $password );
				break;
			case ENCRYPT_SHA1 :
				$encryptedPassword = sha1 ( $password );
				break;
			case ENCRYPT_CRYPT :
				$encryptedPassword = crypt ( $password, $this->securityCode );
				break;
		}
		return $encryptedPassword;
	}
	
	/**
	 * 修改用户密码
	 * @param string $username  	用户名
	 * @param string $password		新密码
	 * @param string $oldPassword	旧密码（可选）
	 */
	public function changePassword ( $username, $oldPassword = null, $password ) {
		$condition = sprintf ( '%s = %s', $this->usernameField, "'{$username}'" );
		if ( $oldPassword != null ) {
			$oldPassword = $this->compliePassword ( $oldPassword );
			$condition .= sprintf ( ' AND %s = %s', $this->passwordField, "'{$oldPassword}'" );
		}
		return parent::update ( array (
			$this->passwordField => $this->compliePassword ( $password ) 
		), $condition );
	}
	
	/**
	 * 测试是否存在用户名
	 * @param string $username	用户名
	 */
	public function existsUsername ( $username ) {
		return $this->findCount ( sprintf ( '%s = %s', $this->usernameField, "'{$username}'" ) ) > 0;
	}
	
	/**
	 * 创建用户
	 * @param string $row		用户
	 */
	public function create ( $row ) {
		if ( ! isset ( $row[$this->passwordField] ) ) {
			return - 1;
		}
		$row[$this->passwordField] = $this->compliePassword ( $row[$this->passwordField] );
		return parent::create ( $row );
	}
	
	/**
	 * 更新用户(不会更新用户密码字段)
	 * @param array $row		用户
	 * @param string $condition	WHERE条件
	 */
	public function update ( $row, $condition ) {
		if ( isset ( $row[$this->passwordField] ) ) {
			unset ( $row[$this->passwordField] );
		}
		return parent::update ( $row, $condition );
	}
	
	/**
	 * 验证用户名和密码是否正确并返回用户(不返回密码部分)
	 * @param string $username	用户名
	 * @param string $password	密码
	 */
	public function validate ( $username, $password ) {
		$password = $this->compliePassword ( $password );
		$user = $this->find ( '*', sprintf ( '%s = %s AND %s = %s', $this->usernameField, "'{$username}'", $this->passwordField, "'{$password}'" ) );
		if ( $user ) {
			unset ( $user[$this->passwordField] );
		}
		return $user;
	}
}